biovision-base 0.17.180619 → 0.19.180703.1

data/app/controllers/admin/link_block_items_controller.rb

@@ -0,0 +1,23 @@
+class Admin::LinkBlockItemsController < AdminController
+  include ToggleableEntity
+  include EntityPriority
+
+  before_action :set_entity
+
+  # get /admin/link_block_items/:id
+  def show
+  end
+
+  private
+
+  def restrict_access
+    require_privilege :content_manager
+  end
+
+  def set_entity
+    @entity = LinkBlockItem.find_by(id: params[:id])
+    if @entity.nil?
+      handle_http_404("Cannot find link_block_item #{params[:id]}")
+    end
+  end
+end

data/app/controllers/admin/link_blocks_controller.rb

@@ -0,0 +1,27 @@
+class Admin::LinkBlocksController < AdminController
+  include ToggleableEntity
+
+  before_action :set_entity, except: [:index]
+
+  # get /admin/link_blocks
+  def index
+    @collection = LinkBlock.list_for_administration
+  end
+
+  # get /admin/link_blocks/:id
+  def show
+  end
+
+  private
+
+  def restrict_access
+    require_privilege :content_manager
+  end
+
+  def set_entity
+    @entity = LinkBlock.find_by(id: params[:id])
+    if @entity.nil?
+      handle_http_404("Cannot find link_block #{params[:id]}")
+    end
+  end
+end

data/app/controllers/admin/privileges_controller.rb

@@ -4,7 +4,6 @@ class Admin::PrivilegesController < AdminController
   include ToggleableEntity
 
   before_action :set_entity, except: [:index]
-  before_action :check_entity_lock, only: [:toggle]
 
   # get /admin/privileges
   def index

data/app/controllers/concerns/removable_image.rb

@@ -0,0 +1,33 @@
+module RemovableImage
+  extend ActiveSupport::Concern
+
+  # Remove entity image when allowed
+  def destroy_image
+    if entity_image_is_locked?
+      render json: { errors: { locked: true } }, status: :forbidden
+    elsif entity_image_is_editable?
+      @entity.remove_image!
+      render json: { meta: { result: @entity.save } }
+    else
+      head :unauthorized
+    end
+  end
+
+  private
+
+  def entity_image_is_editable?
+    if @entity.respond_to?(:editable_by?)
+      @entity.editable_by?(current_user)
+    else
+      true
+    end
+  end
+
+  def entity_image_is_locked?
+    if @entity.respond_to?(:locked?)
+      @entity.locked?
+    else
+      false
+    end
+  end
+end

data/app/controllers/editable_blocks_controller.rb

@@ -0,0 +1,64 @@
+class EditableBlocksController < AdminController
+  before_action :set_entity, only: [:edit, :update, :destroy]
+
+  # post /editable_blocks/check
+  def check
+    @entity = EditableBlock.instance_for_check(params[:entity_id], entity_parameters)
+
+    render 'shared/forms/check'
+  end
+
+  # get /editable_blocks/new
+  def new
+    @entity = EditableBlock.new
+  end
+
+  # post /editable_blocks
+  def create
+    @entity = EditableBlock.new(entity_parameters)
+    if @entity.save
+      form_processed_ok(admin_editable_block_path(id: @entity.id))
+    else
+      form_processed_with_error(:new)
+    end
+  end
+
+  # get /editable_blocks/:id/edit
+  def edit
+  end
+
+  # patch /editable_blocks/:id
+  def update
+    if @entity.update(entity_parameters)
+      flash[:notice] = t('editable_blocks.update.success')
+      form_processed_ok(admin_editable_block_path(id: @entity.id))
+    else
+      form_processed_with_error(:edit)
+    end
+  end
+
+  # delete /editable_blocks/:id
+  def destroy
+    if @entity.destroy
+      flash[:notice] = t('editable_blocks.destroy.success')
+    end
+    redirect_to(admin_editable_blocks_path)
+  end
+
+  protected
+
+  def restrict_access
+    require_privilege :content_manager
+  end
+
+  def set_entity
+    @entity = EditableBlock.find_by(id: params[:id])
+    if @entity.nil?
+      handle_http_404('Cannot find editable_block')
+    end
+  end
+
+  def entity_parameters
+    params.require(:editable_block).permit(EditableBlock.entity_parameters)
+  end
+end

data/app/controllers/editable_pages_controller.rb

@@ -41,7 +41,7 @@ class EditablePagesController < AdminController
   protected
 
   def restrict_access
-    require_privilege :chief_editor
+    require_privilege :content_manager
   end
 
   def set_entity

data/app/controllers/feedback_requests_controller.rb

@@ -5,6 +5,7 @@ class FeedbackRequestsController < ApplicationController
     if @entity.save
       respond_to do |format|
         format.html { redirect_to root_path }
+        format.json { head :no_content }
         format.js
       end
 

data/app/controllers/link_block_items_controller.rb

@@ -0,0 +1,68 @@
+class LinkBlockItemsController < AdminController
+  before_action :set_entity, only: [:edit, :update, :destroy]
+
+  # post /admin/link_blocks/check
+  def check
+    @entity = LinkBlockItem.instance_for_check(params[:entity_id], entity_parameters)
+
+    render 'shared/forms/check'
+  end
+
+  # get /link_block_items/new
+  def new
+    @entity = LinkBlockItem.new
+  end
+
+  # post /link_block_items
+  def create
+    @entity = LinkBlockItem.new(creation_parameters)
+    if @entity.save
+      form_processed_ok(admin_link_block_item_path(id: @entity.id))
+    else
+      form_processed_with_error(:new)
+    end
+  end
+
+  # get /link_block_items/:id/edit
+  def edit
+  end
+
+  # patch /link_block_items/:id
+  def update
+    if @entity.update(entity_parameters)
+      flash[:notice] = t('link_block_items.update.success')
+      form_processed_ok(admin_link_block_item_path(id: @entity.id))
+    else
+      form_processed_with_error(:edit)
+    end
+  end
+
+  # delete /link_block_items/:id
+  def destroy
+    if @entity.destroy
+      flash[:notice] = t('link_block_items.destroy.success')
+    end
+    redirect_to(admin_link_block_items_path)
+  end
+
+  protected
+
+  def restrict_access
+    require_privilege :content_manager
+  end
+
+  def set_entity
+    @entity = LinkBlockItem.find_by(id: params[:id])
+    if @entity.nil?
+      handle_http_404('Cannot find link_block_item')
+    end
+  end
+
+  def entity_parameters
+    params.require(:link_block_item).permit(LinkBlockItem.entity_parameters)
+  end
+
+  def creation_parameters
+    params.require(:link_block_item).permit(LinkBlockItem.creation_parameters)
+  end
+end

data/app/controllers/link_blocks_controller.rb

@@ -0,0 +1,64 @@
+class LinkBlocksController < AdminController
+  before_action :set_entity, only: [:edit, :update, :destroy]
+
+  # post /link_blocks/check
+  def check
+    @entity = LinkBlock.instance_for_check(params[:entity_id], entity_parameters)
+
+    render 'shared/forms/check'
+  end
+
+  # get /link_blocks/new
+  def new
+    @entity = LinkBlock.new
+  end
+
+  # post /link_blocks
+  def create
+    @entity = LinkBlock.new(entity_parameters)
+    if @entity.save
+      form_processed_ok(admin_link_block_path(id: @entity.id))
+    else
+      form_processed_with_error(:new)
+    end
+  end
+
+  # get /link_blocks/:id/edit
+  def edit
+  end
+
+  # patch /link_blocks/:id
+  def update
+    if @entity.update(entity_parameters)
+      flash[:notice] = t('link_blocks.update.success')
+      form_processed_ok(admin_link_block_path(id: @entity.id))
+    else
+      form_processed_with_error(:edit)
+    end
+  end
+
+  # delete /link_blocks/:id
+  def destroy
+    if @entity.destroy
+      flash[:notice] = t('link_blocks.destroy.success')
+    end
+    redirect_to(admin_link_blocks_path)
+  end
+
+  protected
+
+  def restrict_access
+    require_privilege :content_manager
+  end
+
+  def set_entity
+    @entity = LinkBlock.find_by(id: params[:id])
+    if @entity.nil?
+      handle_http_404('Cannot find link_block')
+    end
+  end
+
+  def entity_parameters
+    params.require(:link_block).permit(LinkBlock.entity_parameters)
+  end
+end

data/app/helpers/editable_pages_helper.rb

@@ -4,6 +4,11 @@ module EditablePagesHelper
     link_to(entity.name, admin_editable_page_path(id: entity.id))
   end
 
+  # @param [EditableBlock] entity
+  def admin_editable_block_link(entity)
+    link_to(entity.name, admin_editable_block_path(id: entity.id))
+  end
+
   # @param [EditablePage] entity
   def editable_page_image_preview(entity)
     return '' if entity.image.blank?
@@ -17,4 +22,18 @@ module EditablePagesHelper
     versions = "#{entity.image.medium_2x.url} 2x"
     image_tag(entity.image.medium.url, alt: entity.name, srcset: versions)
   end
+
+  # @param [EditableBlock] entity
+  def editable_block_image_preview(entity)
+    return '' if entity.image.blank?
+    versions = "#{entity.image.preview_2x.url} 2x"
+    image_tag(entity.image.preview.url, alt: entity.name, srcset: versions)
+  end
+
+  # @param [EditableBlock] entity
+  def editable_block_image_medium(entity)
+    return '' if entity.image.blank?
+    versions = "#{entity.image.medium_2x.url} 2x"
+    image_tag(entity.image.medium.url, alt: entity.name, srcset: versions)
+  end
 end

data/app/helpers/link_blocks_helper.rb

@@ -0,0 +1,18 @@
+module LinkBlocksHelper
+  # @param [LinkBlock] entity
+  def admin_link_block_link(entity)
+    text = entity.title.blank? ? entity.slug : entity.title
+    link_to(text, admin_link_block_path(id: entity.id))
+  end
+
+  # @param [LinkBlockItem] entity
+  def admin_link_block_item_link(entity)
+    link_to(entity.text_for_link, admin_link_block_item_path(id: entity.id))
+  end
+
+  # @param [LinkBlock] entity
+  def link_block_image(entity)
+    return '' if entity.image.blank?
+    image_tag(entity.image.url, alt: entity.image_alt_text)
+  end
+end

data/app/models/editable_block.rb

@@ -0,0 +1,49 @@
+class EditableBlock < ApplicationRecord
+  include Checkable
+  include Toggleable
+
+  DESCRIPTION_LIMIT = 250
+  NAME_LIMIT        = 50
+  SLUG_LIMIT        = 50
+  SLUG_PATTERN      = /\A[a-z][-_a-z0-9]*[a-z]\z/i
+  SLUG_PATTERN_HTML = '^[a-zA-Z][-_a-zA_Z0-9]*[a-zA-Z]$'
+  TITLE_LIMIT       = 255
+  TEXT_LIMIT        = 5000
+
+  toggleable :visible, :raw_output
+
+  mount_uploader :image, EditablePageImageUploader
+
+  belongs_to :language, optional: true
+
+  validates_presence_of :name
+  validates_uniqueness_of :slug, scope: [:language_id]
+  validates_format_of :slug, with: SLUG_PATTERN
+  validates_length_of :slug, maximum: SLUG_LIMIT
+  validates_length_of :name, maximum: NAME_LIMIT
+  validates_length_of :title, maximum: TITLE_LIMIT
+  validates_length_of :lead, maximum: TEXT_LIMIT
+  validates_length_of :body, maximum: TEXT_LIMIT
+  validates_length_of :footer, maximum: TEXT_LIMIT
+
+  scope :ordered_by_slug, -> { order('slug asc, language_id asc nulls first') }
+  scope :visible, -> { where(visible: true) }
+  scope :list_for_administration, -> { ordered_by_slug }
+
+  # @param [String] slug
+  # @param [String] language_code
+  def self.localized_block(slug, language_code)
+    language = Language.find_by(code: language_code)
+    criteria = { visible: true, slug: slug }
+    find_by(criteria.merge(language: language)) || find_by(criteria)
+  end
+
+  def self.entity_parameters
+    %i[body description footer image language_id lead name raw_output slug title visible]
+  end
+
+  # @param [User] user
+  def editable_by?(user)
+    UserPrivilege.user_has_privilege?(user, :content_manager)
+  end
+end

data/app/models/link_block.rb

@@ -0,0 +1,43 @@
+class LinkBlock < ApplicationRecord
+  include Checkable
+  include Toggleable
+
+  toggleable :visible
+
+  SLUG_LIMIT        = 50
+  SLUG_PATTERN      = /\A[a-z][-_a-z0-9]*[a-z]\z/i
+  SLUG_PATTERN_HTML = '^[a-zA-Z][-_a-zA_Z0-9]*[a-zA-Z]$'
+  TITLE_LIMIT       = 255
+  TEXT_LIMIT        = 5000
+
+  belongs_to :language, optional: true
+  has_many :link_block_items, dependent: :destroy
+
+  validates_uniqueness_of :slug, scope: [:language_id]
+  validates_format_of :slug, with: SLUG_PATTERN
+  validates_length_of :slug, maximum: SLUG_LIMIT
+  validates_length_of :title, maximum: TITLE_LIMIT
+  validates_length_of :lead, maximum: TEXT_LIMIT
+  validates_length_of :footer_text, maximum: TEXT_LIMIT
+
+  scope :ordered_by_slug, -> { order('slug asc, language_id asc nulls first') }
+  scope :visible, -> { where(visible: true) }
+  scope :list_for_administration, -> { ordered_by_slug }
+
+  # @param [String] slug
+  # @param [String] language_code
+  def self.localized_block(slug, language_code)
+    language = Language.find_by(code: language_code)
+    criteria = { visible: true, slug: slug }
+    find_by(criteria.merge(language: language)) || find_by(criteria)
+  end
+
+  def self.entity_parameters
+    %i(footer_text language_id lead slug title visible)
+  end
+
+  # @param [User] user
+  def editable_by?(user)
+    UserPrivilege.user_has_privilege?(user, :content_manager)
+  end
+end

data/app/models/link_block_item.rb

@@ -0,0 +1,81 @@
+class LinkBlockItem < ApplicationRecord
+  include Checkable
+  include Toggleable
+
+  BUTTON_TEXT_LIMIT = 50
+  META_LIMIT        = 255
+  PRIORITY_RANGE    = (1..32767)
+  SLUG_LIMIT        = 50
+  SLUG_PATTERN      = /\A[a-z][-_a-z0-9]*[a-z]\z/i
+  SLUG_PATTERN_HTML = '^[a-zA-Z][-_a-zA_Z0-9]*[a-zA-Z]$'
+  TITLE_LIMIT       = 255
+  TEXT_LIMIT        = 5000
+  URL_LIMIT         = 255
+
+  toggleable :visible
+
+  mount_uploader :image, LinkBlockImageUploader
+
+  belongs_to :link_block
+
+  after_initialize :set_next_priority
+  before_validation { self.slug = nil if slug.blank? }
+  before_validation { self.slug = slug.strip unless slug.nil? }
+  before_validation :normalize_priority
+
+  validates_format_of :slug, with: SLUG_PATTERN, allow_nil: true
+  validates_length_of :body, maximum: TEXT_LIMIT
+  validates_length_of :button_text, maximum: BUTTON_TEXT_LIMIT
+  validates_length_of :button_url, maximum: URL_LIMIT
+  validates_length_of :image_alt_text, maximum: META_LIMIT
+  validates_length_of :slug, maximum: SLUG_LIMIT
+  validates_length_of :title, maximum: TITLE_LIMIT
+
+  scope :ordered_by_priority, -> { order('priority asc, slug asc') }
+  scope :siblings, -> (link_block_id) { where(link_block_id: link_block_id) }
+  scope :visible, -> { where(visible: true) }
+  scope :list_for_administration, -> { ordered_by_priority }
+  scope :list_for_visitors, -> { visible.ordered_by_priority }
+
+  def self.entity_parameters
+    %i(body button_text button_url image image_alt_text priority slug title visible)
+  end
+
+  def self.creation_parameters
+    entity_parameters + %i(link_block_id)
+  end
+
+  def text_for_link
+    if title.blank?
+      slug.blank? ? "#{link_block.slug}-#{priority}" : slug
+    else
+      title
+    end
+  end
+
+  # @param [Integer] delta
+  def change_priority(delta)
+    new_priority = priority + delta
+    criteria     = { priority: new_priority }
+    adjacent     = self.class.siblings(link_block_id).find_by(criteria)
+    if adjacent.is_a?(self.class) && (adjacent.id != id)
+      adjacent.update!(priority: priority)
+    end
+    update(priority: new_priority)
+
+    self.class.siblings(link_block_id).ordered_by_priority.map { |e| [e.id, e.priority] }.to_h
+  end
+
+  private
+
+  def set_next_priority
+    if id.nil? && priority == 1
+      self.priority = self.class.siblings(link_block_id).maximum(:priority).to_i + 1
+    end
+  end
+
+  def normalize_priority
+    self.priority = PRIORITY_RANGE.first if priority < PRIORITY_RANGE.first
+    self.priority = PRIORITY_RANGE.last if priority > PRIORITY_RANGE.last
+  end
+end

data/app/models/privilege.rb

@@ -34,8 +34,10 @@ class Privilege < ApplicationRecord
   scope :ordered_by_priority, -> { order('priority asc, name asc') }
   scope :ordered_by_name, -> { order('name asc, slug asc') }
   scope :visible, -> { where(visible: true, deleted: false) }
+  scope :administrative, -> { where(administrative: true) }
   scope :for_tree, ->(parent_id = nil) { where(parent_id: parent_id).ordered_by_priority }
   scope :siblings, ->(item) { where(parent_id: item.parent_id) }
+  scope :list_for_administration, -> { ordered_by_name }
 
   def self.page_for_administration
     ordered_by_name
@@ -54,11 +56,16 @@ class Privilege < ApplicationRecord
     (parents.map(&:name) + [name]).join ' / '
   end
 
-  # @return [Array<Integer>]
+  # @deprecated use #subbranch_ids
   def ids
     [id] + children_cache
   end
 
+  # @return [Array<Integer>]
+  def subbranch_ids
+    [id] + children_cache
+  end
+
   # @return [Array<Integer>]
   def branch_ids
     parents_cache.split(',').map(&:to_i).reject { |i| i < 1 }.uniq + [id]
@@ -124,7 +131,8 @@ class Privilege < ApplicationRecord
   # @param [Integer] delta
   def change_priority(delta)
     new_priority = priority + delta
-    adjacent     = self.class.siblings(self).find_by(priority: new_priority)
+    criteria     = { priority: new_priority }
+    adjacent     = self.class.siblings(self).find_by(criteria)
     if adjacent.is_a?(self.class) && (adjacent.id != id)
       adjacent.update!(priority: priority)
     end

data/app/models/privilege_group.rb

@@ -30,6 +30,11 @@ class PrivilegeGroup < ApplicationRecord
     %i(name slug description)
   end
 
+  # @param [String] slug
+  def self.users(slug)
+    User.with_privilege_ids(ids(slug)).ordered_by_screen_name
+  end
+
   # @param [Privilege] privilege
   def has_privilege?(privilege)
     privilege_group_privileges.exists?(privilege: privilege)

data/app/models/user.rb

@@ -39,6 +39,8 @@ class User < ApplicationRecord
   before_save :normalize_slug
   before_save :prepare_search_string
 
+  before_validation { self.email = nil if email.blank? }
+
   validates_acceptance_of :consent
   validates_presence_of :screen_name
   validates_format_of :screen_name, with: SCREEN_NAME_PATTERN, if: :native_slug?
@@ -52,6 +54,8 @@ class User < ApplicationRecord
   validates_length_of :notice, maximum: NOTICE_LIMIT
 
   scope :with_privilege, ->(privilege) { joins(:user_privileges).where(user_privileges: { privilege_id: privilege.branch_ids }) }
+  scope :with_privilege_ids, -> (privilege_ids) { joins(:user_privileges).where(user_privileges: { privilege_id: privilege_ids }) }
+  scope :ordered_by_screen_name, -> { order('screen_name asc') }
   scope :bots, ->(flag) { where(bot: flag.to_i > 0) unless flag.blank? }
   scope :email_like, ->(val) { where('email ilike ?', "%#{val}%") unless val.blank? }
   scope :with_email, ->(email) { where('lower(email) = lower(?)', email) }

data/app/models/user_privilege.rb

@@ -11,7 +11,7 @@ class UserPrivilege < ApplicationRecord
   def self.ids(user)
     privileges = user&.privileges
     return [] if privileges.blank?
-    privileges.map(&:ids).flatten.uniq
+    privileges.map(&:subbranch_ids).flatten.uniq
   end
 
   # @param [User] user
@@ -25,10 +25,15 @@ class UserPrivilege < ApplicationRecord
   end
 
   # @param [User] user
-  def self.user_has_any_privilege?(user)
+  # @param [TrueClass|FalseClass] administrative
+  def self.user_has_any_privilege?(user, administrative = true)
     return false if user.nil?
     return true if user.super_user?
-    exists?(user: user)
+    criteria = { user: user }
+    if administrative
+      criteria[:privilege_id] = Privilege.administrative.pluck(:id)
+    end
+    exists?(criteria)
   end
 
   # @param [User] user

data/app/services/user_profile_handler.rb

@@ -2,13 +2,13 @@ class UserProfileHandler
   GENDERS = { 0 => 'female', 1 => 'male' }
 
   def self.allowed_parameters
-    %w(gender name patronymic surname)
+    %w(gender name patronymic surname about)
   end
 
   # @param [Hash] input
   def self.clean_parameters(input)
     if input.key?('gender')
-      gender_key = input['gender'].to_i
+      gender_key = input['gender'].blank? ? nil : input['gender'].to_i
       gender     = GENDERS.key?(gender_key) ? gender_key : nil
     else
       gender = nil

data/app/uploaders/editable_page_image_uploader.rb

@@ -14,7 +14,11 @@ class EditablePageImageUploader < CarrierWave::Uploader::Base
     "uploads/#{model.class.to_s.underscore}/#{mounted_as}/#{model.id}"
   end
 
-  version :medium_2x do
+  version :large do
+    resize_to_fit 1920, 1920
+  end
+
+  version :medium_2x, from_version: :large do
     resize_to_fit 1280, 1280
   end
 

data/app/uploaders/link_block_image_uploader.rb

@@ -0,0 +1,17 @@
+class LinkBlockImageUploader < CarrierWave::Uploader::Base
+  # Choose what kind of storage to use for this uploader:
+  storage :file
+  # storage :fog
+
+  # Override the directory where uploaded files will be stored.
+  # This is a sensible default for uploaders that are meant to be mounted:
+  def store_dir
+    "uploads/#{model.class.to_s.underscore}/#{mounted_as}/#{model.id}"
+  end
+
+  # Add a white list of extensions which are allowed to be uploaded.
+  # For images you might use something like this:
+  def extension_whitelist
+    %w(jpg jpeg png svg)
+  end
+end